Description

[Note: Without ReflectionPermission,
untrusted code can perform the following operations on members of loaded
assemblies:

Obtain type information from metadata for public
types and members.

Invoke public members.

Invoke members defined with family access in the
calling code's base classes.

Invoke members defined with assembly access in the
calling code's assembly.

Invoke members defined with FamilyAndAssembly
or
FamilyOrAssembly
access in the calling code's
base classes and/or assembly.

Enumerate assemblies.

Enumerate public types.

Enumerate types in the calling
code's assembly.

]

ReflectionPermission instances
can allow untrusted code to obtain type and member
information, invoke members, and enumerate types that would otherwise be inaccessible. [Note: Because ReflectionPermission can
provide access to members
and
information that were not intended for public
access, it is recommended that ReflectionPermission be
granted only to trusted code.]

The XML encoding of a ReflectionPermission instance is defined below
in EBNF format. The following conventions are used:

All non-literals in the grammar below are shown in normal type.

All literals are in bold font.

The following meta-language symbols are used:

'*' represents a meta-language symbol suffixing an
expression that can appear zero or more times.

'?' represents a meta-language symbol suffixing an
expression that can appear zero or one time.

'+' represents a meta-language symbol suffixing an
expression that can appear one or more times.

'(',')' is used to group literals, non-literals or a
mixture of literals and non-literals.

'|' denotes an exclusive disjunction between two
expressions.

'::= ' denotes a production rule where a left hand
non-literal is replaced by a right hand expression containing literals,
non-literals or both.

BuildVersion refers to the build version of the shipping CLI. This is
specified as a dotted build number such as '2412.0' .

ECMAPubKeyToken ::= b77a5c561934e089

ReflectionPermissionFlag = MemberAccess
| TypeInformation

Each ReflectionPermissionFlag can appear in the XML no more than once. For example, Flags=MemberAccess,MemberAccess is illegal.

Exceptions

Description

[Note: The intersection of two permissions is a permission that secures the
resources and operations secured by both permissions. Specifically, it
represents the minimum permission such that any demand that passes both
permissions will also pass their intersection.

This method overrides System.Security.CodeAccessPermission.Intersect(System.Security.IPermission) and is implemented to
support the IPermission interface.

Return Value

true
if the current instance is a subset of target ;
otherwise, false
. If the current instance is unrestricted, and
target is not, returns false
. If target is
unrestricted, returns true
. If target is
null
and the access level of the current instance is System.Security.Permissions.ReflectionPermissionFlag.NoFlags, returns true
. If
target is null
and the access level of the current
instance is any value other than System.Security.Permissions.ReflectionPermissionFlag.NoFlags, returns
false
.

Exceptions

Description

[Note: The current instance is a subset of target if the current instance
specifies a set of accesses to resources that is wholly contained by
target . For example, a permission that represents access to type
information is a subset of a permission that represents access to type information and members.

This method overrides System.Security.CodeAccessPermission.IsSubsetOf(System.Security.IPermission) and is implemented to
support the IPermission interface.

Parameters

Return Value

A new ReflectionPermission
instance that represents the union of the current instance and other. If
the current instance or other is unrestricted, returns a
ReflectionPermission instance that is
unrestricted. If other is null
, returns a copy of the
current instance.

Exceptions

Description

[Note: The result of a call to System.Security.Permissions.ReflectionPermission.Union(System.Security.IPermission)
is a permission that represents all of the access
to resources represented by both the current instance and other. Any
demand that passes either the current instance or other passes their
union.

This method overrides System.Security.CodeAccessPermission.Union(System.Security.IPermission) and is implemented to
support the IPermission interface.